New Articles, Tools, Tips and Tricks: Bugs, Annoyances, PowerShell and some other Stuff

Bugs and Annoyances

ICA connections initiated over the ICA client object (ICO) SDK fail because 128-bit encryption cannot be enabled. Apparently, setting EncryptionLevelSession does not work. Annoyingly, this bug is more than a year old, was fixed in the ICA client 10.2 and reappeared in the current version 11.0. Bugs like this one are bad for the entire Citrix ecosystem, because they break cool tools like Citrix Quick Launch, xConnect and others I may not even know about. [Update 2009-09-30: this bug has been fixed in ICA client 11.2.]

Windows 7’s version of Robocopy does not copy EFS-encrypted files to an unencrypted location on another computer. Even Explorer can do that. Vista’s version of Robocopy was not so narrow-minded.

Microsoft released the tools BinScope and MiniFuzz do aid admins and developers in testing applications for security problems. Apparently they did not fuzz MiniFuzz itself, though (it crashes from time to time due to unhandled exceptions). Still, a very good tool.

PowerShell

Why do we have to read PowerShell’s help texts in a console Window, probably the least comfortable reading location? Some guys at VMware may have thought the same and wrote the function New-HtmlHelp. Although the idea is very good, the code could use some polishing prior to being put to production use. Might be a task for a boring Winter night.

Unlike Perl, PowerShell cannot syntax check a script without actually running it. But Shay Levy devised a clever method of using a tokenizer for syntax checking. Works great! By the way, his function Test-PSScript is a good example for anyone learning PowerShell.

Want to make Total Commander start PowerShell in the selected directory? Go to Start -> “Change Start Menu…” and enter the following:

Server 2008 R2 adds a recycle bin to Active Directory. Good for us all! This AskDS blog post describes how to use it. Unfortunately the interface is PowerShell only, no GUI provided (why – no time?).

Ever whished a system should somehow auto-manage service account passwords? Windows 7 and Server 2008 R2 can do just that with Active Directory Managed Service Accounts (MSAs). This AskDS blog article explains their use, but fails to convey why there is a PowerShell interface (which I like) but no GUI (again).

The best thing about Group Policies? You can configure almost every aspect of a system. The worst thing? Finding the right setting. This daunting task becomes much easier with Microsoft’s Group Policy Settings Reference in Excel format, now updated to include Windows 7 and Server 2008 R2.

A guide to porting applications to 64-bit Windows from Microsoft: Best Practices for WOW64. The document has been updated on November 2nd, 2009, and now nicely lists the key features of 64-bit Windows and the 32-bit subsystem WOW64.